MOSCOW — Slumped on the one of the fluorescent poufs in his Moscow office, a gothic T-shirt-clad Alexander Lyamin says he’s “stunned.” Founder of Qrator Labs, a Russian startup specialized in cybersecurity, and a staunch supporter of a free and borderless internet, Lyamin is seeing his world collapse around him.
Located opposite a huge flour combine from the Soviet era, his company’s offices stand in stark contrast to the usual drab Moscow business decor. An exotic turtle paddles in an aquarium, a ping-pong table fills an entire room, and the two working spaces are wide open. The setting is reminiscent of the Silicon Valley of the early days, except that the insouciance and collaborative spirit that prevailed among transatlantic experts of computer security have given way to mistrust and paranoia.
Alexander Lyamin’s liberal dream started turning sour last June when the American company Crowdstrike accused Russian hackers — some of them linked to military intelligence services — of being behind the attacks aimed at the Democratic Party during last year’s presidential election. In retaliation, Barack Obama imposed sanctions on Russia’s intelligence services and their subcontractors. Among them was Tsor Security, linked to Qrator Labs, which works for the Kremlin, Gazprom and Sberbank, among other clients.
Russian programmer Alisa Shevchenko was also cited, and in her sole comment on the matter, tweeted that she was “really trying to make sense” of how her small company (closed long ago at that) could possibly appear on the same list with the FSB and international terrorists.
One month ago, the Federal Security Service of the Russian Federation (FSB) announced the arrest of two of its senior officers specialized in cybersecurity along with a top manager at Kaspersky Lab, one of the world leaders in the sector. All three were charged with treason, accused of having passed classified information to the U.S. Finally, three Russian hackers, members of the “Shaltay Boltay” group were arrested on suspicion of having hacked the email accounts of Russian leaders. Among the intercepted conversations were those of Kremlin counselor Vladislav Surkov, in which he dictated political instructions to the Russian-backed separatist rebels in the Donbass region of Ukraine.
One of these hackers managed to flee to Estonia, where he’s asked for political asylum. He accuses his superior, Vladimir Anikeev, of having been recruited by the FSB. According to the Russian press, the group’s “curator” was none other than one of the two officials charged with treason. Incarcerated in solitary confinement at the Lefortovo Prison in Moscow, Anikeev has pledged to collaborate with the investigators in exchange for a reduced sentence — probably one-and-a-half years instead of the maximum five years the law allows. His lawyer, Ruslan Koblev, says his client is “more of an anarchist and lone crook.”
Officially, there’s nothing to connect these cases, but the revelations’ consistency was enough to stir up trouble. “Their goal is to terrorize Russian cyberintelligence experts while keeping American agencies at bay,” says Philippe Baumard, who heads the Paris-based cybersecurity company Akheros. In this context, Vladimir Putin recently stated in front of FSB senior officials that the number of cyberattacks against Russia had increased threefold since 2015.
While calling for the “restoration of dialogue” between Russian and American intel services, the Kremlin’s leader has asked for a reinforcement of the means to fight against cybercrime. Simultaneously, Defense Minister Sergey Shoygu praised, in a speech at the State Duma on Feb. 22, the creation of cyberunits at the service of an “intelligent, specialized and efficient propaganda.”
I have nothing against Americans, but that doesn’t mean that I must have their spies inside my home.
These cases, after they had caused an amused surprise, soon paralyzed a community of experts who are used to sharing their data. Many of the specialists working in firms on the West Coast of the U.S. are of Russian origin, a country long renowned for the quality of its computer engineers and mathematicians. “On both sides of the ocean, insanity prevails nowadays,” says says Alexander Lyamin, whose Qrator Labs used to collaborate with American colleagues. “It’s hard to imagine how this confrontation will end. I thought tensions would decrease after the American election, but that’s not what’s happening. At some point, we will have to start talking to one another again.”
Two years ago, one of his co-workers found himself caught in the middle of a story worthy of a John Le Carré novel. Contacted by a source inside the Russian Telecom and Mass Communications Ministry requesting his expertise, Alexander Viaria traveled to Sofia, Bulgaria, where he was put in touch with a representative from Rostec. This state-owned company, specialized in technology for civil and military use, is led by a man close to Vladimir Putin, Sergey Chemezov. After a demonstration that targeted the Ukrainian Defense Ministry, Rostec, under the FSB’s cover, tried to recruit him to carry out DDoS attacks, according to what Viaria told the website Meduza, a claim that was confirmed by his former employer.
Alexander Viaria declined the offer. But after his return to Moscow, he saw that he was being followed, and eventually fled to Finland where he applied for asylum. Since then, “we’ve reduced to a minimum all our interactions with state organizations,” Lyamin says. Answering our request, Rostec denounces “accusations that defy common sense and bear no relation to reality.”
The company Kaspersky Lab, whose CEO Eugene Kaspersky is himself close to the Russian secret services, cannot afford to break off such ties. Ruslan Stoyanov, the head of the company’s investigations unit, is currently accused of “treason” alongside two FSB officials. “Like all major market players, we’re actively working together with the international community of experts and security organizations of different countries,” the company said in a statement.
Eugene Kaspersky — Photo: Web Summit
In the meantime, the firm’s American partners are forced to put the brakes on their cooperation. “I don’t want to endanger any of my partners knowing that the conversations they’re having with me could be misinterpreted by their countries’ authorities,” explains John Bambenek, threat systems manager at Fidelis Security, which collaborates with Kaspersky Lab.
Pavel Vrublevsky, the founder of payment platform ChronoPay, suspects American intelligence services of infiltrating Russian companies. “It’s probable that the people who stand accused of treason did take part in illegally exchanging information with the U.S., but that helped the cyber security market expand. I have nothing against Americans, but that doesn’t mean that I must have their spies inside my home,” this renowned expert says.
In 2013, Vrublevsky was sentenced to two-and-a-half years of prison for attacking one of his competitors, the company Assist, which is responsible for Aeroflot’s online ticket service. “He’s a talented man, and we valued his contacts,” a certain Sergei Mikhailov had said at Vrublevsky’s trial. It turns out the same Sergei Mikhailov, an FSB official, now stands accused of treason. It’s a small and shady world indeed.